This component is responsible for provisioning a VPC and corresponding Subnets. Additionally, VPC Flow Logs can optionally be enabled for auditing purposes. See the existing VPC configuration documentation for the provisioned subnets.
Stack Level: Regional
Here's an example snippet for how to use this component.
```yaml
components:
  terraform:
    vpc:
      vars:
        subnet_type_tag_key: "example.net/subnet/type"
        vpc_flow_logs_enabled: true
        vpc_flow_logs_bucket_environment_name: "uw2"
        vpc_flow_logs_bucket_stage_name: "audit"
        vpc_flow_logs_traffic_type: "ALL"
        cidr_block: "10.111.0.0/18"
```
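An added example (not part of this component or Cloud Posse's code): a pre-deployment check over the `vars` shown above that flags settings which weaken the flow-log audit trail or widen exposure. It assumes an absent `vpc_flow_logs_enabled` means disabled and that both `vpc_flow_logs_bucket_*` values are needed to locate the log bucket; `audit_vpc_vars` and the severity labels are hypothetical names.

```python
import ipaddress

# Default copied from this page's inputs table (map_public_ip_on_launch = true).
DEFAULTS = {"map_public_ip_on_launch": True}
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
BUCKET_KEYS = ("vpc_flow_logs_bucket_environment_name", "vpc_flow_logs_bucket_stage_name")


def audit_vpc_vars(stack_vars):
    """Return (severity, message) findings for one vpc component's vars (hypothetical helper)."""
    v = {**DEFAULTS, **stack_vars}
    findings = []
    # Assumption: an absent vpc_flow_logs_enabled means flow logs are off.
    if not v.get("vpc_flow_logs_enabled", False):
        findings.append(("high", "vpc_flow_logs_enabled is not true: no flow log audit trail"))
    else:
        traffic = v.get("vpc_flow_logs_traffic_type")
        if traffic != "ALL":  # ACCEPT or REJECT alone records only part of the traffic
            findings.append(("medium", f"vpc_flow_logs_traffic_type={traffic!r} is not ALL"))
        for key in BUCKET_KEYS:  # assumption: both are needed to locate the log bucket
            if not v.get(key):
                findings.append(("high", f"{key} is unset"))
    if v["map_public_ip_on_launch"]:
        findings.append(("info", "map_public_ip_on_launch is true: public subnets hand out public IPs"))
    try:
        net = ipaddress.ip_network(v["cidr_block"], strict=True)
    except (KeyError, ValueError) as exc:
        findings.append(("high", f"cidr_block missing or invalid: {exc}"))
    else:
        if not (net.version == 4 and any(net.subnet_of(r) for r in RFC1918)):
            findings.append(("medium", f"cidr_block {net} is outside RFC 1918 private space"))
    return findings


# Constructed inputs: PAGE_VARS mirrors the usage snippet, WEAK_VARS is a made-up counter-example.
PAGE_VARS = {"subnet_type_tag_key": "example.net/subnet/type", "vpc_flow_logs_enabled": True,
             "vpc_flow_logs_bucket_environment_name": "uw2",
             "vpc_flow_logs_bucket_stage_name": "audit",
             "vpc_flow_logs_traffic_type": "ALL", "cidr_block": "10.111.0.0/18"}
WEAK_VARS = {"subnet_type_tag_key": "example.net/subnet/type", "vpc_flow_logs_enabled": True,
             "vpc_flow_logs_traffic_type": "REJECT", "map_public_ip_on_launch": False,
             "cidr_block": "10.111.0.1/18"}

if __name__ == "__main__":
    for name, sample in (("page", PAGE_VARS), ("weak", WEAK_VARS)):
        for severity, message in audit_vpc_vars(sample):
            print(f"{name}: [{severity}] {message}")
```

The page's own snippet yields only the informational finding, because it leaves `map_public_ip_on_launch` at its default of `true`.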
Name | Version |
---|---|
terraform | >= 0.12.0 |
aws | >= 2.0 |
local | >= 1.3 |
template | >= 2.0 |
No providers.
Name | Source | Version |
---|---|---|
iam_roles | ../account-map/modules/iam-roles | n/a |
subnets | cloudposse/dynamic-subnets/aws | 0.39.3 |
this | cloudposse/label/null | 0.24.1 |
vpc | cloudposse/vpc/aws | 0.26.1 |
No resources.
Name | Description | Type | Default | Required |
---|---|---|---|---|
additional_tag_map | Additional tags for appending to tags_as_list_of_maps. Not added to `tags`. | map(string) | {} | no |
attributes | Additional attributes (e.g. `1`) | list(string) | [] | no |
availability_zones | List of availability zones in which to provision VPC subnets | list(string) | [] | no |
cidr_block | VPC CIDR block | string | n/a | yes |
context | Single object for setting entire context at once. See description of individual variables for details. Leave string and numeric variables as `null` to use default value. Individual variable settings (non-null) override settings in context object, except for attributes, tags, and additional_tag_map, which are merged. | any | { | no |
delimiter | Delimiter to be used between `namespace`, `environment`, `stage`, `name` and `attributes`. Defaults to `-` (hyphen). Set to `""` to use no delimiter at all. | string | null | no |
enabled | Set to false to prevent the module from creating any resources | bool | null | no |
environment | Environment, e.g. 'uw2', 'us-west-2', OR 'prod', 'staging', 'dev', 'UAT' | string | null | no |
id_length_limit | Limit `id` to this many characters (minimum 6). Set to `0` for unlimited length. Set to `null` for default, which is `0`. Does not affect `id_full`. | number | null | no |
import_role_arn | IAM Role ARN to use when importing a resource | string | null | no |
label_key_case | The letter case of label keys (`tag` names) (i.e. `name`, `namespace`, `environment`, `stage`, `attributes`) to use in `tags`. Possible values: `lower`, `title`, `upper`. Default value: `title`. | string | null | no |
label_order | The naming order of the id output and Name tag. Defaults to ["namespace", "environment", "stage", "name", "attributes"]. You can omit any of the 5 elements, but at least one must be present. | list(string) | null | no |
label_value_case | The letter case of output label values (also used in `tags` and `id`). Possible values: `lower`, `title`, `upper` and `none` (no transformation). Default value: `lower`. | string | null | no |
map_public_ip_on_launch | Instances launched into a public subnet should be assigned a public IP address | bool | true | no |
max_subnet_count | Sets the maximum number of subnets to deploy. 0 will deploy a subnet for every provided availability zone (in `region_availability_zones` variable) within the region | number | 0 | no |
name | Solution name, e.g. 'app' or 'jenkins' | string | null | no |
namespace | Namespace, which could be your organization name or abbreviation, e.g. 'eg' or 'cp' | string | null | no |
nat_gateway_enabled | Flag to enable/disable NAT gateways | bool | n/a | yes |
nat_instance_enabled | Flag to enable/disable NAT instances | bool | n/a | yes |
nat_instance_type | NAT Instance type | string | "t3.micro" | no |
regex_replace_chars | Regex to replace chars with empty string in `namespace`, `environment`, `stage` and `name`. If not set, "/[^a-zA-Z0-9-]/" is used to remove all characters other than hyphens, letters and digits. | string | null | no |
region | AWS Region | string | n/a | yes |
region_availability_zones | List of availability zones in region, to be used as default when `availability_zones` is not supplied | list(string) | [] | no |
stage | Stage, e.g. 'prod', 'staging', 'dev', OR 'source', 'build', 'test', 'deploy', 'release' | string | null | no |
subnet_type_tag_key | Key for subnet type tag to provide information about the type of subnets, e.g. cpco/subnet/type=private or cpcp/subnet/type=public | string | n/a | yes |
subnet_type_tag_value_format | This is using the format interpolation symbols to allow the value of the subnet_type_tag_key to be modified | string | "%s" | no |
tags | Additional tags (e.g. map('BusinessUnit','XYZ')) | map(string) | {} | no |
Name | Description |
---|---|
max_subnet_count | Maximum allowed number of subnets before all subnet CIDRs need to be recomputed |
nat_gateway_ids | NAT Gateway IDs |
nat_gateway_public_ips | NAT Gateway public IPs |
nat_instance_ids | NAT Instance IDs |
private_route_table_ids | Private subnet route table IDs |
private_subnet_cidrs | Private subnet CIDRs |
private_subnet_ids | Private subnet IDs |
public_route_table_ids | Public subnet route table IDs |
public_subnet_cidrs | Public subnet CIDRs |
public_subnet_ids | Public subnet IDs |
vpc_cidr | VPC CIDR |
vpc_id | VPC ID |
- cloudposse/terraform-aws-components - Cloud Posse's upstream component